A computing enterprise typically includes various computing components that interact with one another. Such computing components may include one or more networks, applications, services, and systems. In a computing enterprise, policies are often implemented to manage and control individual components and groups of multiple components. For example, network security policies are often employed to restrict access that one system has to another system.
In some instances, policies indirectly manage and control a person, at least with regard to that person's interaction with individual or groups of multiple computing components. For example, a security policy may be associated with a particular user so that such user has access to the same systems and data regardless of the system from which she uses to gain access.
Unless the context herein indicates otherwise, a “policy” should be understood herein to refer to a declarative description of how a computing component (or a group of multiple components) should be or behave. A policy is not a procedural list of instructions. Moreover, a “policy” may be understood herein to be a predicate of the state of one or more components and/or a predicate of the behavior of one or more components. Furthermore, a “policy” dedicates actions performed by one or more components. In general, a policy speaks of the thing that is to-be-managed.
Policy-based solutions are often central to managing complexity, scale and dynamics in a computing enterprise. However, conventional policy-based approaches are insufficiently rich and fragmented across the spectrum of particular scenarios found in various the computing enterprises. Examples of typical scenarios include deployment, security, network and storage management.
No universal policy language exists. Typically, each particular scenario (e.g., data protection or firewall) has its own policy-based solution with its own specialized policy language, syntax, semantics, policy-creation user-interface, and peculiarities.
As of today, no universal policy-based solution exists that supports all of the requirements for overall management of the spectrum of scenarios found in various the computing enterprises.